#1
  1. A Change of Season
    Devshed Loyal (3000 - 3499 posts)

    Join Date
    Mar 2004
    Location
    Next Door
    Posts
    3,472
    Rep Power
    221

    Is it safe to receive api calls like this?


    Hey dudes and girls;

    Previously I explained how I am building a simple system where autoresponders such as Ontraport and Aweber send me API requests.

    I store these into my database and allow their clients to visit pages with custom countdown timers.

    I might be getting a large number of requests. Both for my data-receiver (that adds prospects to the DB) and the page request itself.

    We can't do proper auth since senders are limited to what they send (explained here).

    So here is my endpoint.

    What happens if I get many requests at the same time?

    How?

    For example, a user logs into their autoresponder app, like Ontraport, selects 5000 (or 50k or 500k) contacts, and with 1 click sends them to me.


    These are my system specs.

    PHP Code:
    <?php
    defined('BASEPATH') OR exit('No direct script access allowed');

    class Data_receiver extends CI_Controller {

        public function __construct()
        {
            parent::__construct();
        }

        public function index()
        {
            //Validate Account Owner
            $sql = "SELECT * FROM launch_owners WHERE id = ?";
            $query = $this->db->query($sql, array($_POST['user_id']));
            if ($query->num_rows() != 1)
            {
                echo "Invalid Request"; exit();
            }
            else
            {
                $results = $query->result_array()[0];
                //More Validate Account Owner
                if ($results['status'] != 'active' || $results['secret_key'] != $_POST['secret_key'])
                {
                    echo "Inactive Account Or Invalid Secret"; exit();
                }
                else
                {
                    //Validate Launch
                    $sql = "SELECT * FROM launch_launches WHERE id = ? AND launch_type = ?";
                    $query = $this->db->query($sql, array($_POST['launch_id'], 'evergreen'));
                    if ($query->num_rows() == 1)
                    {
                        //Does Prospect exist under this user?
                        $sql = "SELECT * FROM launch_prospects WHERE email = ? AND owner_id = ?";
                        $query = $this->db->query($sql, array($_POST['prospect_email'], $_POST['user_id']));
                        if ($query->num_rows() == 1)
                        {
                            $prospect_id = $query->result_array()[0]['id'];
                        }
                        else
                        {
                            $data = array(
                                'email' => $_POST['prospect_email'],
                                'owner_id' => $_POST['user_id'],
                            );
                            $this->db->insert('launch_prospects', $data);
                            $prospect_id = $this->db->insert_id();
                        }
                        //Delete prospect from this launch if it already exists in the sequence
                        $this->db->delete('launch_launch_prospect', array('launch_id' => $_POST['launch_id'], 'prospect_id' => $prospect_id));
                        //Add Prospect To Launch
                        $data = array(
                            'launch_id' => $_POST['launch_id'],
                            'prospect_id' => $prospect_id,
                            'time_added' => time()
                        );
                        $this->db->insert('launch_launch_prospect', $data);

                        //Insert the same into stats table
                        $data = array(
                            'launch_id' => $_POST['launch_id'],
                            'prospect_id' => $prospect_id,
                            'time_added' => time()
                        );
                        $this->db->insert('launch_launch_prospect_history', $data);
                        echo "Added Successfully";
                    }
                    else
                    {
                        echo "Invalid launch"; exit();
                    }
                }
            }
        }
    }
  2. #2
  3. Impoverished Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Mar 2007
    Location
    Washington, USA
    Posts
    16,744
    Rep Power
    9646
    I'm not sure what you're thinking about, but it seems like there could be an opportunity for race conditions in there. Wrap the stuff about launch prospect whatevers into a transaction.
  4. #3
  5. A Change of Season
    Devshed Loyal (3000 - 3499 posts)

    Join Date
    Mar 2004
    Location
    Next Door
    Posts
    3,472
    Rep Power
    221
    Originally Posted by requinix
    I'm not sure what you're thinking about, but it seems like there could be an opportunity for race conditions in there. Wrap the stuff about launch prospect whatevers into a transaction.
    Hi;

    2 things:

    1 - I am using CI Transactions now -> LINK. Not sure how this makes a difference and how I can see the difference of running the script with or without transactions.

    2 - I usually use hurl.it to test this. How can I test such a script under pressure? For example a system could send me 100k calls.

    How can I test this system and make sure it works?

    Thanks



    PHP Code:
    <?php
    defined('BASEPATH') OR exit('No direct script access allowed');

    class Data_receiver extends CI_Controller {

        public function __construct()
        {
            parent::__construct();
        }

        public function index()
        {
            $this->db->trans_start();
            //Validate Account Owner
            $sql = "SELECT * FROM launch_owners WHERE id = ?";
            $query = $this->db->query($sql, array($_POST['user_id']));
            if ($query->num_rows() != 1)
            {
                echo "Invalid Request"; exit();
            }
            else
            {
                $results = $query->result_array()[0];
                //More Validate Account Owner
                if ($results['status'] != 'active' || $results['secret_key'] != $_POST['secret_key'])
                {
                    echo "Inactive Account Or Invalid Secret"; exit();
                }
                else
                {
                    //Validate Launch
                    $sql = "SELECT * FROM launch_launches WHERE id = ? AND launch_type = ?";
                    $query = $this->db->query($sql, array($_POST['launch_id'], 'evergreen'));
                    if ($query->num_rows() == 1)
                    {
                        //Does Prospect exist under this user?
                        $sql = "SELECT * FROM launch_prospects WHERE email = ? AND owner_id = ?";
                        $query = $this->db->query($sql, array($_POST['prospect_email'], $_POST['user_id']));
                        if ($query->num_rows() == 1)
                        {
                            $prospect_id = $query->result_array()[0]['id'];
                        }
                        else
                        {
                            $data = array(
                                'email' => $_POST['prospect_email'],
                                'owner_id' => $_POST['user_id'],
                            );
                            $this->db->insert('launch_prospects', $data);
                            $prospect_id = $this->db->insert_id();
                        }
                        //Delete prospect from this launch if it already exists in the sequence
                        $this->db->delete('launch_launch_prospect', array('launch_id' => $_POST['launch_id'], 'prospect_id' => $prospect_id));
                        //Add Prospect To Launch
                        $data = array(
                            'launch_id' => $_POST['launch_id'],
                            'prospect_id' => $prospect_id,
                            'time_added' => time(),
                            'date_added' => date('Y-m-d')
                        );
                        $this->db->insert('launch_launch_prospect', $data);

                        //Insert the same into stats table
                        $data = array(
                            'launch_id' => $_POST['launch_id'],
                            'prospect_id' => $prospect_id,
                            'time_added' => time(),
                            'date_added' => date('Y-m-d')
                        );
                        $this->db->insert('launch_launch_prospect_history', $data);
                        echo "Added Successfully";
                    }
                    else
                    {
                        echo "Invalid launch"; exit();
                    }
                }
            }

            $this->db->trans_complete();
        }
    }
    Last edited by English Breakfast Tea; April 20th, 2018 at 06:00 PM.
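
An added example, not code from the thread or from either poster: the write path of the endpoint (owner, secret and launch validation left out) with the "does the prospect exist?" decision moved from a SELECT followed by an INSERT onto a unique index, and the three writes grouped in one transaction. The function names, the PDO/SQLite setup and both UNIQUE constraints are assumptions made for the illustration; the thread does not show the schema.

```php
<?php
// Added example. SQLite in memory stands in for the poster's database; the
// UNIQUE constraints are assumptions, since the thread does not show the schema.
function make_db(): PDO
{
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE launch_prospects (id INTEGER PRIMARY KEY,
        email TEXT NOT NULL, owner_id INTEGER NOT NULL, UNIQUE (owner_id, email))');
    $pdo->exec('CREATE TABLE launch_launch_prospect (launch_id INTEGER NOT NULL,
        prospect_id INTEGER NOT NULL, time_added INTEGER, UNIQUE (launch_id, prospect_id))');
    $pdo->exec('CREATE TABLE launch_launch_prospect_history (launch_id INTEGER,
        prospect_id INTEGER, time_added INTEGER)');
    return $pdo;
}

function add_prospect_to_launch(PDO $pdo, int $owner_id, int $launch_id, string $email): int
{
    $pdo->beginTransaction();
    try {
        // Two concurrent requests can both pass a SELECT-then-INSERT check;
        // with the unique index, the second insert becomes a no-op instead.
        $pdo->prepare('INSERT OR IGNORE INTO launch_prospects (email, owner_id) VALUES (?, ?)')
            ->execute([$email, $owner_id]);
        $stmt = $pdo->prepare('SELECT id FROM launch_prospects WHERE email = ? AND owner_id = ?');
        $stmt->execute([$email, $owner_id]);
        $prospect_id = (int) $stmt->fetchColumn();

        $now = time();
        // Restart the sequence: replace the row in one statement, not DELETE then INSERT.
        $pdo->prepare('INSERT OR REPLACE INTO launch_launch_prospect (launch_id, prospect_id, time_added) VALUES (?, ?, ?)')
            ->execute([$launch_id, $prospect_id, $now]);
        $pdo->prepare('INSERT INTO launch_launch_prospect_history (launch_id, prospect_id, time_added) VALUES (?, ?, ?)')
            ->execute([$launch_id, $prospect_id, $now]);
        $pdo->commit();
        return $prospect_id;
    } catch (Throwable $e) {
        $pdo->rollBack();   // the three writes are applied together or not at all
        throw $e;
    }
}

// Constructed input: the same contact delivered twice, as a repeated bulk send would.
$pdo = make_db();
$a = add_prospect_to_launch($pdo, 7, 3, 'ann@example.com');
$b = add_prospect_to_launch($pdo, 7, 3, 'ann@example.com');
$count = fn(string $t) => (int) $pdo->query("SELECT COUNT(*) FROM $t")->fetchColumn();
var_dump($a === $b, $count('launch_prospects'), $count('launch_launch_prospect'),
    $count('launch_launch_prospect_history'));
```

`INSERT OR IGNORE` and `INSERT OR REPLACE` are SQLite syntax; on MySQL the corresponding statements are `INSERT IGNORE` and `REPLACE INTO`.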
